Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
eigenartike e-mail von meine konto verschickt

eigenartike e-mail von meine konto verschickt


Plagegeister aller Art und deren Bekämpfung: eigenartike e-mail von meine konto verschickt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 22.06.2012, 10:56   #1
caro21
 
eigenartike e-mail von meine konto verschickt - Icon21

eigenartike e-mail von meine konto verschickt


Hallo mal wieder. ich brauche sehr schnell dringend hilfe.
von meine e-mail konto werden e-mails mit englischen text und eigenartiken link, an mehrere empfänger verschickt die bei mir gescheichert sind.
meine rechtsanwaltskanzlei machte mich darauf aufmerksam da die auch so ne e-mail von meinen konto erhalten haben.
jetzt gerade schaute ich rein und da war wieder so ne mail, die aber irgendwie mit verzögerung verschickt wird.
so was hier steht da drin:

Thxxp://aguamarinabeachresort.com/httpuptserb1-1.php?profiles=406
Learn h0w t0 turn successful at h0me

___
Thats the whole yarn--whats yourn?Well, Id ben a-running a little temperance revival thar bout a week,and was the pet of the women folks, big and little, for I was makin itmighty warm for the rummies, I TELL you, and takin as much as five orsix dollars a night--ten cents a head, children and niggers free--andbusiness a-growin all the time, when somehow or another a little reportgot around last night that I had a way of puttin in my time with aprivate jug on the sly. eldred wiellaford
Thu, 21 Jun 2012 22:41:44




bitte helft mir.

lg caro

Alt 25.06.2012, 15:22   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
eigenartike e-mail von meine konto verschickt - Standard

eigenartike e-mail von meine konto verschickt


Zitat:
bitte helft mir.
Passwort vom Mailkonto ändern!

Und nimm kein schwaches Passwort! Das neue Passwort sollte min. 10 Zeichen haben bestehend aus kleinen & großen Buchstaben, Zahlen um am besten noch ein Sonderzeichen wie @ oder % oder % oder irgendwas anderes was werder eine Zahl noch ein Buchstabe ist!
__________________

__________________
Alt 25.06.2012, 19:06   #3
caro21
 
eigenartike e-mail von meine konto verschickt - Standard

eigenartike e-mail von meine konto verschickt


OTL Logfile:
[CODE]OTL logfile created on: 25.06.2012 19:58:24 - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\samohT\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 66,06% Memory free
4,00 Gb Paging File | 2,92 Gb Available in Paging File | 72,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195,21 Gb Total Space | 135,11 Gb Free Space | 69,21% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 201,47 Gb Free Space | 74,50% Space Free | Partition Type: NTFS
Drive E: | 7,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 12,04 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 3,71 Gb Total Space | 1,71 Gb Free Space | 46,13% Space Free | Partition Type: FAT32

Computer Name: SAMOHT-PC | User Name: samohT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.06.25 19:52:07 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\samohT\Downloads\OTL.exe
PRC - [2012.06.17 22:52:05 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.06.13 17:37:04 | 001,088,904 | ---- | M] (Spigot, Inc.) -- C:\Programme\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2012.06.13 17:27:26 | 000,792,512 | ---- | M] (Spigot, Inc.) -- C:\Programme\Application Updater\ApplicationUpdater.exe
PRC - [2012.04.25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programme\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
PRC - [2012.03.13 14:33:02 | 003,196,016 | ---- | M] (Babylon Ltd.) -- C:\Programme\Babylon\Babylon-Pro\Babylon.exe
PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.01.26 16:08:56 | 003,665,752 | ---- | M] () -- D:\Tobit Radio.fx\Server\rfx-server.exe
PRC - [2012.01.18 11:44:32 | 002,057,048 | ---- | M] (Tobit.Software) -- D:\Tobit Radio.fx\Client\rfx-tray.exe
PRC - [2011.06.06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.05.13 17:03:34 | 004,283,256 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Live\Messenger\msnmsgr.exe
PRC - [2011.03.28 21:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011.03.28 21:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.08.18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.08.18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2008.02.25 20:28:50 | 000,110,592 | ---- | M] () -- C:\Programme\UMTS USB Modem Manager\UMTS USB Modem Manager.exe


========== Modules (No Company Name) ==========

MOD - [2012.06.17 22:52:05 | 002,042,848 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.04.25 19:52:28 | 001,270,160 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Security Scan 2.0\qtscript4.dll
MOD - [2012.04.25 19:52:26 | 007,422,352 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Security Scan 2.0\qtgui4.dll
MOD - [2012.04.25 19:52:24 | 000,795,024 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Security Scan 2.0\qtnetwork4.dll
MOD - [2012.04.25 19:52:24 | 000,192,912 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Security Scan 2.0\qtsql4.dll
MOD - [2012.04.25 19:52:22 | 002,453,904 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Security Scan 2.0\qtdeclarative4.dll
MOD - [2012.04.25 19:52:22 | 002,126,224 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Security Scan 2.0\qtcore4.dll
MOD - [2012.03.02 09:31:38 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2012.01.26 13:39:32 | 009,560,576 | ---- | M] () -- D:\Tobit Radio.fx\Client\tobitclt.dll
MOD - [2012.01.26 12:13:36 | 000,215,552 | ---- | M] () -- D:\Tobit Radio.fx\Client\rfx-client$.ger
MOD - [2008.02.25 20:28:50 | 000,110,592 | ---- | M] () -- C:\Programme\UMTS USB Modem Manager\UMTS USB Modem Manager.exe
MOD - [2008.02.25 20:27:54 | 000,135,168 | ---- | M] () -- C:\Programme\UMTS USB Modem Manager\LocaleMgrPlugin.dll
MOD - [2008.02.25 20:27:22 | 000,151,552 | ---- | M] () -- C:\Programme\UMTS USB Modem Manager\SMSPlugin.dll
MOD - [2008.02.25 20:26:38 | 000,032,768 | ---- | M] () -- C:\Programme\UMTS USB Modem Manager\NotifyServicePlugin.dll
MOD - [2008.02.25 20:24:58 | 000,057,344 | ---- | M] () -- C:\Programme\UMTS USB Modem Manager\ConfigFilePlugin.dll
MOD - [2008.02.25 20:24:02 | 000,098,304 | ---- | M] () -- C:\Programme\UMTS USB Modem Manager\DeviceMgrPlugin.dll
MOD - [2008.02.25 20:22:22 | 000,098,304 | ---- | M] () -- C:\Programme\UMTS USB Modem Manager\NetInfoPlugin.dll
MOD - [2008.02.25 20:22:08 | 000,065,536 | ---- | M] () -- C:\Programme\UMTS USB Modem Manager\CallPlugin.dll
MOD - [2008.02.25 20:20:40 | 000,086,016 | ---- | M] () -- C:\Programme\UMTS USB Modem Manager\DialUpPlugin.dll
MOD - [2008.02.25 20:19:42 | 000,155,648 | ---- | M] () -- C:\Programme\UMTS USB Modem Manager\DeviceMgrUIPlugin.dll
MOD - [2008.02.25 20:15:12 | 000,651,264 | ---- | M] () -- C:\Programme\UMTS USB Modem Manager\NDISAPI.dll
MOD - [2008.01.25 11:41:36 | 000,139,264 | R--- | M] () -- C:\Programme\UMTS USB Modem Manager\DetectDev.dll
MOD - [2008.01.25 11:41:28 | 000,491,520 | R--- | M] () -- C:\Programme\UMTS USB Modem Manager\atcomm.dll
MOD - [2008.01.17 11:57:46 | 000,045,056 | R--- | M] () -- C:\Programme\UMTS USB Modem Manager\DeviceOperate.dll
MOD - [2008.01.17 11:57:24 | 000,041,472 | R--- | M] () -- C:\Programme\UMTS USB Modem Manager\XCodec.dll
MOD - [2007.08.23 16:39:30 | 000,014,848 | R--- | M] () -- C:\Programme\UMTS USB Modem Manager\isaputrace.dll
MOD - [2007.07.31 15:50:04 | 000,090,112 | R--- | M] () -- C:\Programme\UMTS USB Modem Manager\FileManager.dll


========== Win32 Services (SafeList) ==========

SRV - [2012.06.17 22:52:05 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.13 17:27:26 | 000,792,512 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Programme\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012.04.25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Programme\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe -- (KSS)
SRV - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.01.26 16:08:56 | 003,665,752 | ---- | M] () [Auto | Running] -- D:\Tobit Radio.fx\Server\rfx-server.exe -- (Radio.fx)
SRV - [2011.06.06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.05.13 16:27:02 | 001,492,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2011.03.28 21:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.09.22 17:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2009.08.18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2012.03.07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.03.07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.03.07 01:02:14 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.03.07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.03.07 01:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.03.07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.08.18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2007.08.24 19:44:54 | 000,101,504 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Babylon Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0B 46 14 A0 56 D0 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Programme\YouTube Downloader Toolbar\IE\5.9\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {C02C082C-0EB5-4AE8-99BC-D8E5F5350D76}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{605A40EC-2C68-41AF-A9D9-82E8C6E4F83F}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{C02C082C-0EB5-4AE8-99BC-D8E5F5350D76}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/home?affID=108511"
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.05.16 08:55:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.17 22:52:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011.07.14 11:14:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\samohT\AppData\Roaming\mozilla\Extensions
[2012.06.19 13:11:38 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\samohT\AppData\Roaming\mozilla\Firefox\Profiles\xxxww8ca.default\extensions
[2011.07.04 16:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\samohT\AppData\Roaming\mozilla\Firefox\Profiles\xxxww8ca.default\extensions\chrome
[2011.07.04 16:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\samohT\AppData\Roaming\mozilla\Firefox\Profiles\xxxww8ca.default\extensions\components
[2012.01.19 19:46:35 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.12.17 23:21:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\webbooster@iminent.com
[2012.05.16 08:55:38 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.06.19 13:11:38 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2012.06.19 13:11:38 | 000,000,000 | ---D | M] (YouTube Downloader Toolbar) -- C:\PROGRAM FILES\YOUTUBE DOWNLOADER TOOLBAR\FF
[2012.06.17 22:52:05 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.21 11:36:33 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.21 11:36:33 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.03.21 11:36:33 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.21 11:36:33 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.21 11:36:33 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.21 11:36:33 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Programme\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Programme\YouTube Downloader Toolbar\IE\5.9\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Programme\YouTube Downloader Toolbar\IE\5.9\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe (Babylon Ltd.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKCU..\Run: [KSS] C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
O4 - HKCU..\Run: [rfxsrvtray] D:\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
O4 - HKCU..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Translate this web page with Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: Translate with Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{145D5FB2-28B8-4E20-B225-1FD59F90D9EB}: NameServer = 212.23.97.3 212.23.97.2
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.11.15 11:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.10.11 19:03:48 | 000,000,054 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2007.07.03 22:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008.01.15 17:17:16 | 000,025,214 | R--- | M] () - F:\AutoRun.ico -- [ CDFS ]
O32 - AutoRun File - [2007.08.23 19:04:06 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{070d66c0-abf9-11e0-b2f8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{070d66c0-abf9-11e0-b2f8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2008.11.15 11:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.)
O33 - MountPoints2\{16693d42-dae0-11e0-acd1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{16693d42-dae0-11e0-acd1-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2007.07.03 22:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{684ca023-acbc-11e0-a758-001fd097b8d5}\Shell - "" = AutoRun
O33 - MountPoints2\{684ca023-acbc-11e0-a758-001fd097b8d5}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2007.07.03 22:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{684ca027-acbc-11e0-a758-001fd097b8d5}\Shell - "" = AutoRun
O33 - MountPoints2\{684ca027-acbc-11e0-a758-001fd097b8d5}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2007.07.03 22:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{d5c64903-a8f1-11e1-940f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d5c64903-a8f1-11e1-940f-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2007.07.03 22:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{d5c64916-a8f1-11e1-940f-001fd097b8d5}\Shell - "" = AutoRun
O33 - MountPoints2\{d5c64916-a8f1-11e1-940f-001fd097b8d5}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2007.07.03 22:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2007.07.03 22:04:10 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.06.25 18:21:35 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{2E10BEEA-9A0D-44DD-ACB0-3D6AE222B3FC}
[2012.06.25 08:10:39 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{F647C501-FF78-4093-B753-32F90F59D6E9}
[2012.06.25 08:06:03 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{460AE50C-E83C-4D54-8533-3AA160160FCB}
[2012.06.23 09:44:40 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{AF4FD8CC-707F-4FCE-8738-CCB1CFA75052}
[2012.06.23 09:43:36 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{70B16C25-6BC5-4043-8E12-543FABA47FA5}
[2012.06.22 10:20:39 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{75F840E7-06C0-4C2A-9D7F-B28049536BBA}
[2012.06.22 10:18:05 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{32486551-9BB3-4D5B-8C28-DADC035A3CCE}
[2012.06.21 20:47:01 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{BF7485FA-521A-44E4-9F05-E3DA896681DA}
[2012.06.21 16:25:25 | 000,000,000 | ---D | C] -- C:\Users\samohT\Desktop\GTA 4 Patch
[2012.06.21 08:43:19 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{44330B5F-88C5-4318-BA9B-7C2F26D23985}
[2012.06.19 13:11:33 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader Toolbar
[2012.06.19 13:11:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2012.06.19 13:11:33 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2012.06.19 13:11:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.06.19 13:07:55 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{04714ACD-C17B-421E-A9BD-DB2E23B6DF87}
[2012.06.19 13:06:31 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{2B0B086C-EB62-4D96-B0D9-504BF26DA0F0}
[2012.06.17 11:07:00 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{F48A5315-1EBB-44B4-A432-0976720B5867}
[2012.06.16 15:25:00 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{9BE0F630-ED46-4EE6-99AE-AFA39792FEC8}
[2012.06.16 13:43:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012.06.16 13:43:24 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\Rockstar Games
[2012.06.16 13:41:41 | 000,000,000 | RH-D | C] -- C:\Users\samohT\AppData\Roaming\SecuROM
[2012.06.16 13:35:36 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2012.06.16 13:33:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2012.06.16 13:33:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2012.06.16 13:08:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2012.06.16 13:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2012.06.16 13:07:14 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{C234FB90-CF65-4EE7-9BD5-A26B798E65C9}
[2012.06.15 20:33:42 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Roaming\Malwarebytes
[2012.06.15 20:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.15 20:32:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.06.15 20:32:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.15 20:32:51 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.06.15 20:32:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.06.15 15:30:23 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
[2012.06.15 15:29:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012.06.15 15:29:52 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2012.06.15 10:24:06 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{E4053864-AE16-4C7B-87BB-FE84749AA5BD}
[2012.06.14 22:16:45 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{A831ACBA-C9D7-4F15-9938-9EB412059030}
[2012.06.14 22:15:39 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{3DE7E1FF-BA16-456D-BB81-F8107073B169}
[2012.06.13 10:33:51 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{8B071109-A9AA-42D3-B78E-47F6FF609459}
[2012.06.13 10:33:13 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{435725C9-77D0-4365-8FB0-E5718BEB2E41}
[2012.06.12 13:07:49 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{B4E72C2A-EB38-420E-92C6-7029A67C400C}
[2012.06.12 13:04:13 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{298421DB-687D-4A14-B2B0-1357C4DAE68F}
[2012.06.11 20:13:09 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{27AE5AF8-07A8-4A7A-9C6E-B2E855DEF56B}
[2012.06.11 13:46:40 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{C506A898-D3E3-491B-AD2E-F13073474FEA}
[2012.06.11 13:46:07 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{947B848E-7CBD-4D76-8D2A-B791D498759F}
[2012.06.10 18:37:17 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{F29FA7E1-EAEF-47C5-ACCE-3321963FF1CB}
[2012.06.10 18:35:14 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{264D23BF-1D7A-44FD-8B9A-936970F9E003}
[2012.06.09 21:02:44 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{52A2F454-CE68-4FBB-914F-46D307C736E9}
[2012.06.09 10:50:14 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{9E4987E2-C75F-4C68-AD00-7F4900AB197E}
[2012.06.09 10:49:35 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{557C67A7-36FE-404D-8871-AF90DCD56030}
[2012.06.08 20:15:49 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{7B499FB1-D4A9-4F30-97AE-4C1D72404268}
[2012.06.08 20:12:34 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{C3ABB123-29DF-47D4-95A5-E62F6E7093CB}
[2012.06.07 18:11:17 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{8102A712-8D6F-4C4B-9E09-F82513EB40CE}
[2012.06.07 18:10:44 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{F632CC50-C063-42E0-A9D5-8E468F7E4437}
[2012.06.07 10:33:55 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{C3B1FD53-6324-408D-AA8C-569A5364351F}
[2012.06.06 16:54:00 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{8F0FD94A-E4DE-41DE-B083-82373E3E64F8}
[2012.06.06 16:50:19 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{0855683E-0FB7-48F4-BB4F-39BC8FF1F6C6}
[2012.06.05 17:41:23 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{9377D72D-F734-4A57-BA27-881DFCD0A368}
[2012.06.05 17:40:48 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{875EAD0A-5CE2-46FA-859E-1FE626FB030D}
[2012.06.05 10:31:42 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{039230D6-DB8F-4FF5-A09F-62A7ED018226}
[2012.06.05 10:31:03 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{D306AD23-E891-4043-AFA0-4473F16DFC08}
[2012.06.04 11:20:30 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{B2B694D0-D296-4B5B-859A-0899714539F2}
[2012.06.04 10:54:42 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{1FE744DA-A19D-4AE3-BCCD-E60FBE3C218E}
[2012.06.01 14:09:24 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{4A1D7FDE-9B7D-4F73-8F33-8EF7F1EBA7F3}
[2012.06.01 14:07:48 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{D48446A0-88FE-4E16-8AE4-E1E0CDD78723}
[2012.05.30 16:28:28 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{8A6BF225-E654-4457-9F5D-0932492BD883}
[2012.05.30 10:25:51 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{28005DA6-477F-457A-95E8-DD760DFADCA0}
[2012.05.30 10:24:47 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{99600866-7016-472C-94B3-932623DB6F4E}
[2012.05.28 20:25:12 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{0DEF3661-FA45-4157-8DEE-C7D9FB773367}
[2012.05.28 20:21:34 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{33F0A02F-2F18-47AC-8009-9DF619F10F94}
[2012.05.28 17:04:21 | 000,000,000 | ---D | C] -- C:\Users\samohT\AppData\Local\{3001B5F3-9611-4A68-B733-C5ECE6745A30}
[2010.06.02 06:22:02 | 000,089,944 | ---- | C] (Microsoft Corporation) -- C:\Users\samohT\DSETUP.dll

========== Files - Modified Within 30 Days ==========

[2012.06.25 19:51:12 | 000,000,000 | ---- | M] () -- C:\Users\samohT\defogger_reenable
[2012.06.25 19:11:02 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.25 18:28:17 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.25 18:28:17 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.25 18:21:12 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.25 18:21:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.25 18:21:02 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.22 10:23:37 | 000,654,076 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.06.22 10:23:37 | 000,615,958 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.22 10:23:37 | 000,129,948 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.06.22 10:23:37 | 000,106,338 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.19 20:45:51 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.06.16 13:35:36 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2012.06.16 13:31:46 | 000,002,146 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2012.06.16 13:08:20 | 000,002,002 | ---- | M] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2012.06.15 20:32:58 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2012.06.15 15:30:02 | 000,001,047 | ---- | M] () -- C:\Users\samohT\Desktop\Kaspersky Security Scan.lnk
[2012.06.14 22:14:55 | 000,265,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2012.06.25 19:51:12 | 000,000,000 | ---- | C] () -- C:\Users\samohT\defogger_reenable
[2012.06.16 13:31:46 | 000,002,146 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2012.06.16 13:08:20 | 000,002,002 | ---- | C] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2012.06.15 20:32:58 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2012.06.15 15:30:24 | 000,001,047 | ---- | C] () -- C:\Users\samohT\Desktop\Kaspersky Security Scan.lnk
[2011.07.31 18:49:12 | 000,554,496 | ---- | C] () -- C:\Windows\System32\dvmsg.dll
[2011.07.22 11:30:21 | 000,127,136 | ---- | C] () -- C:\Users\samohT\061211192252.jpg
[2011.07.22 11:28:51 | 000,093,406 | ---- | C] () -- C:\Users\samohT\061311162405.jpg
[2011.07.22 11:28:21 | 000,115,117 | ---- | C] () -- C:\Users\samohT\061111231132.jpg
[2011.07.22 11:27:44 | 000,088,269 | ---- | C] () -- C:\Users\samohT\061111231124.jpg
[2011.07.16 10:08:22 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.07.16 10:07:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.07.14 11:14:19 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.07.11 22:22:50 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.07.11 22:22:50 | 000,022,328 | ---- | C] () -- C:\Users\samohT\AppData\Roaming\PnkBstrK.sys
[2011.07.11 22:22:33 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.07.11 22:22:33 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.07.11 22:22:30 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2011.07.11 21:30:08 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.06.02 06:22:54 | 001,412,902 | ---- | C] () -- C:\Users\samohT\OCT2006_d3dx9_31_x64.cab
[2010.06.02 06:22:54 | 001,127,217 | ---- | C] () -- C:\Users\samohT\OCT2006_d3dx9_31_x86.cab
[2010.06.02 06:22:54 | 000,273,960 | ---- | C] () -- C:\Users\samohT\Nov2008_XAudio_x64.cab
[2010.06.02 06:22:54 | 000,272,611 | ---- | C] () -- C:\Users\samohT\Nov2008_XAudio_x86.cab
[2010.06.02 06:22:54 | 000,182,361 | ---- | C] () -- C:\Users\samohT\OCT2006_XACT_x64.cab
[2010.06.02 06:22:54 | 000,138,017 | ---- | C] () -- C:\Users\samohT\OCT2006_XACT_x86.cab
[2010.06.02 06:22:54 | 000,086,037 | ---- | C] () -- C:\Users\samohT\Oct2005_xinput_x64.cab
[2010.06.02 06:22:54 | 000,045,359 | ---- | C] () -- C:\Users\samohT\Oct2005_xinput_x86.cab
[2010.06.02 06:22:52 | 001,906,878 | ---- | C] () -- C:\Users\samohT\Nov2008_d3dx9_40_x64.cab
[2010.06.02 06:22:52 | 001,550,796 | ---- | C] () -- C:\Users\samohT\Nov2008_d3dx9_40_x86.cab
[2010.06.02 06:22:52 | 000,965,421 | ---- | C] () -- C:\Users\samohT\Nov2008_d3dx10_40_x86.cab
[2010.06.02 06:22:52 | 000,121,794 | ---- | C] () -- C:\Users\samohT\Nov2008_XACT_x64.cab
[2010.06.02 06:22:52 | 000,092,684 | ---- | C] () -- C:\Users\samohT\Nov2008_XACT_x86.cab
[2010.06.02 06:22:52 | 000,054,522 | ---- | C] () -- C:\Users\samohT\Nov2008_X3DAudio_x64.cab
[2010.06.02 06:22:52 | 000,021,851 | ---- | C] () -- C:\Users\samohT\Nov2008_X3DAudio_x86.cab
[2010.06.02 06:22:50 | 000,994,154 | ---- | C] () -- C:\Users\samohT\Nov2008_d3dx10_40_x64.cab
[2010.06.02 06:22:50 | 000,196,762 | ---- | C] () -- C:\Users\samohT\NOV2007_XACT_x64.cab
[2010.06.02 06:22:50 | 000,148,264 | ---- | C] () -- C:\Users\samohT\NOV2007_XACT_x86.cab
[2010.06.02 06:22:50 | 000,046,144 | ---- | C] () -- C:\Users\samohT\NOV2007_X3DAudio_x64.cab
[2010.06.02 06:22:50 | 000,018,496 | ---- | C] () -- C:\Users\samohT\NOV2007_X3DAudio_x86.cab
[2010.06.02 06:22:48 | 001,802,058 | ---- | C] () -- C:\Users\samohT\Nov2007_d3dx9_36_x64.cab
[2010.06.02 06:22:48 | 001,709,360 | ---- | C] () -- C:\Users\samohT\Nov2007_d3dx9_36_x86.cab
[2010.06.02 06:22:48 | 000,864,600 | ---- | C] () -- C:\Users\samohT\Nov2007_d3dx10_36_x64.cab
[2010.06.02 06:22:48 | 000,803,884 | ---- | C] () -- C:\Users\samohT\Nov2007_d3dx10_36_x86.cab
[2010.06.02 06:22:48 | 000,273,018 | ---- | C] () -- C:\Users\samohT\Mar2009_XAudio_x86.cab
[2010.06.02 06:22:46 | 000,275,044 | ---- | C] () -- C:\Users\samohT\Mar2009_XAudio_x64.cab
[2010.06.02 06:22:46 | 000,121,506 | ---- | C] () -- C:\Users\samohT\Mar2009_XACT_x64.cab
[2010.06.02 06:22:46 | 000,092,740 | ---- | C] () -- C:\Users\samohT\Mar2009_XACT_x86.cab
[2010.06.02 06:22:38 | 000,054,600 | ---- | C] () -- C:\Users\samohT\Mar2009_X3DAudio_x64.cab
[2010.06.02 06:22:38 | 000,021,298 | ---- | C] () -- C:\Users\samohT\Mar2009_X3DAudio_x86.cab
[2010.06.02 06:22:36 | 001,973,702 | ---- | C] () -- C:\Users\samohT\Mar2009_d3dx9_41_x64.cab
[2010.06.02 06:22:36 | 001,612,446 | ---- | C] () -- C:\Users\samohT\Mar2009_d3dx9_41_x86.cab
[2010.06.02 06:22:36 | 001,067,160 | ---- | C] () -- C:\Users\samohT\Mar2009_d3dx10_41_x64.cab
[2010.06.02 06:22:36 | 001,040,745 | ---- | C] () -- C:\Users\samohT\Mar2009_d3dx10_41_x86.cab
[2010.06.02 06:22:36 | 000,251,194 | ---- | C] () -- C:\Users\samohT\Mar2008_XAudio_x64.cab
[2010.06.02 06:22:36 | 000,226,250 | ---- | C] () -- C:\Users\samohT\Mar2008_XAudio_x86.cab
[2010.06.02 06:22:36 | 000,122,336 | ---- | C] () -- C:\Users\samohT\Mar2008_XACT_x64.cab
[2010.06.02 06:22:36 | 000,093,734 | ---- | C] () -- C:\Users\samohT\Mar2008_XACT_x86.cab
[2010.06.02 06:22:34 | 001,769,862 | ---- | C] () -- C:\Users\samohT\Mar2008_d3dx9_37_x64.cab
[2010.06.02 06:22:34 | 001,443,282 | ---- | C] () -- C:\Users\samohT\Mar2008_d3dx9_37_x86.cab
[2010.06.02 06:22:34 | 000,818,260 | ---- | C] () -- C:\Users\samohT\Mar2008_d3dx10_37_x86.cab
[2010.06.02 06:22:34 | 000,055,058 | ---- | C] () -- C:\Users\samohT\Mar2008_X3DAudio_x64.cab
[2010.06.02 06:22:34 | 000,021,867 | ---- | C] () -- C:\Users\samohT\Mar2008_X3DAudio_x86.cab
[2010.06.02 06:22:32 | 000,937,246 | ---- | C] () -- C:\Users\samohT\Jun2010_d3dx9_43_x64.cab
[2010.06.02 06:22:32 | 000,844,884 | ---- | C] () -- C:\Users\samohT\Mar2008_d3dx10_37_x64.cab
[2010.06.02 06:22:32 | 000,768,036 | ---- | C] () -- C:\Users\samohT\Jun2010_d3dx9_43_x86.cab
[2010.06.02 06:22:32 | 000,278,060 | ---- | C] () -- C:\Users\samohT\Jun2010_XAudio_x86.cab
[2010.06.02 06:22:32 | 000,277,338 | ---- | C] () -- C:\Users\samohT\Jun2010_XAudio_x64.cab
[2010.06.02 06:22:32 | 000,124,596 | ---- | C] () -- C:\Users\samohT\Jun2010_XACT_x64.cab
[2010.06.02 06:22:32 | 000,093,686 | ---- | C] () -- C:\Users\samohT\Jun2010_XACT_x86.cab
[2010.06.02 06:22:30 | 000,762,188 | ---- | C] () -- C:\Users\samohT\Jun2010_d3dcsx_43_x86.cab
[2010.06.02 06:22:30 | 000,235,955 | ---- | C] () -- C:\Users\samohT\Jun2010_d3dx10_43_x64.cab
[2010.06.02 06:22:30 | 000,197,283 | ---- | C] () -- C:\Users\samohT\Jun2010_d3dx10_43_x86.cab
[2010.06.02 06:22:30 | 000,138,205 | ---- | C] () -- C:\Users\samohT\Jun2010_d3dx11_43_x64.cab
[2010.06.02 06:22:30 | 000,109,445 | ---- | C] () -- C:\Users\samohT\Jun2010_d3dx11_43_x86.cab
[2010.06.02 06:22:28 | 000,944,460 | ---- | C] () -- C:\Users\samohT\Jun2010_D3DCompiler_43_x64.cab
[2010.06.02 06:22:28 | 000,931,471 | ---- | C] () -- C:\Users\samohT\Jun2010_D3DCompiler_43_x86.cab
[2010.06.02 06:22:28 | 000,752,783 | ---- | C] () -- C:\Users\samohT\Jun2010_d3dcsx_43_x64.cab
[2010.06.02 06:22:20 | 000,269,024 | ---- | C] () -- C:\Users\samohT\JUN2008_XAudio_x86.cab
[2010.06.02 06:22:18 | 001,792,608 | ---- | C] () -- C:\Users\samohT\JUN2008_d3dx9_38_x64.cab
[2010.06.02 06:22:18 | 001,463,878 | ---- | C] () -- C:\Users\samohT\JUN2008_d3dx9_38_x86.cab
[2010.06.02 06:22:18 | 000,867,828 | ---- | C] () -- C:\Users\samohT\JUN2008_d3dx10_38_x64.cab
[2010.06.02 06:22:18 | 000,849,919 | ---- | C] () -- C:\Users\samohT\JUN2008_d3dx10_38_x86.cab
[2010.06.02 06:22:18 | 000,269,628 | ---- | C] () -- C:\Users\samohT\JUN2008_XAudio_x64.cab
[2010.06.02 06:22:18 | 000,152,909 | ---- | C] () -- C:\Users\samohT\JUN2007_XACT_x86.cab
[2010.06.02 06:22:18 | 000,121,054 | ---- | C] () -- C:\Users\samohT\JUN2008_XACT_x64.cab
[2010.06.02 06:22:18 | 000,093,128 | ---- | C] () -- C:\Users\samohT\JUN2008_XACT_x86.cab
[2010.06.02 06:22:18 | 000,055,154 | ---- | C] () -- C:\Users\samohT\JUN2008_X3DAudio_x64.cab
[2010.06.02 06:22:18 | 000,021,905 | ---- | C] () -- C:\Users\samohT\JUN2008_X3DAudio_x86.cab
[2010.06.02 06:22:16 | 001,607,774 | ---- | C] () -- C:\Users\samohT\JUN2007_d3dx9_34_x64.cab
[2010.06.02 06:22:16 | 001,607,286 | ---- | C] () -- C:\Users\samohT\JUN2007_d3dx9_34_x86.cab
[2010.06.02 06:22:16 | 001,064,925 | ---- | C] () -- C:\Users\samohT\Jun2005_d3dx9_26_x86.cab
[2010.06.02 06:22:16 | 000,699,044 | ---- | C] () -- C:\Users\samohT\JUN2007_d3dx10_34_x64.cab
[2010.06.02 06:22:16 | 000,698,472 | ---- | C] () -- C:\Users\samohT\JUN2007_d3dx10_34_x86.cab
[2010.06.02 06:22:16 | 000,197,122 | ---- | C] () -- C:\Users\samohT\JUN2007_XACT_x64.cab
[2010.06.02 06:22:16 | 000,180,785 | ---- | C] () -- C:\Users\samohT\JUN2006_XACT_x64.cab
[2010.06.02 06:22:16 | 000,133,671 | ---- | C] () -- C:\Users\samohT\JUN2006_XACT_x86.cab
[2010.06.02 06:22:14 | 001,336,002 | ---- | C] () -- C:\Users\samohT\Jun2005_d3dx9_26_x64.cab
[2010.06.02 06:22:14 | 000,277,191 | ---- | C] () -- C:\Users\samohT\Feb2010_XAudio_x86.cab
[2010.06.02 06:22:14 | 000,276,960 | ---- | C] () -- C:\Users\samohT\Feb2010_XAudio_x64.cab
[2010.06.02 06:22:14 | 000,122,446 | ---- | C] () -- C:\Users\samohT\Feb2010_XACT_x64.cab
[2010.06.02 06:22:14 | 000,093,180 | ---- | C] () -- C:\Users\samohT\Feb2010_XACT_x86.cab
[2010.06.02 06:22:12 | 000,194,675 | ---- | C] () -- C:\Users\samohT\FEB2007_XACT_x64.cab
[2010.06.02 06:22:12 | 000,147,983 | ---- | C] () -- C:\Users\samohT\FEB2007_XACT_x86.cab
[2010.06.02 06:22:12 | 000,054,678 | ---- | C] () -- C:\Users\samohT\Feb2010_X3DAudio_x64.cab
[2010.06.02 06:22:12 | 000,020,713 | ---- | C] () -- C:\Users\samohT\Feb2010_X3DAudio_x86.cab
[2010.06.02 06:22:10 | 000,178,359 | ---- | C] () -- C:\Users\samohT\Feb2006_XACT_x64.cab
[2010.06.02 06:22:10 | 000,132,409 | ---- | C] () -- C:\Users\samohT\Feb2006_XACT_x86.cab
[2010.06.02 06:22:04 | 001,084,720 | ---- | C] () -- C:\Users\samohT\Feb2006_d3dx9_29_x86.cab
[2010.06.02 06:22:02 | 001,801,048 | ---- | C] () -- C:\Users\samohT\dsetup32.dll
[2010.06.02 06:22:02 | 001,574,376 | ---- | C] () -- C:\Users\samohT\DEC2006_d3dx9_32_x86.cab
[2010.06.02 06:22:02 | 001,362,796 | ---- | C] () -- C:\Users\samohT\Feb2006_d3dx9_29_x64.cab
[2010.06.02 06:22:02 | 001,247,499 | ---- | C] () -- C:\Users\samohT\Feb2005_d3dx9_24_x64.cab
[2010.06.02 06:22:02 | 001,013,225 | ---- | C] () -- C:\Users\samohT\Feb2005_d3dx9_24_x86.cab
[2010.06.02 06:22:02 | 000,537,432 | ---- | C] () -- C:\Users\samohT\DXSETUP.exe
[2010.06.02 06:22:02 | 000,192,475 | ---- | C] () -- C:\Users\samohT\DEC2006_XACT_x64.cab
[2010.06.02 06:22:02 | 000,145,599 | ---- | C] () -- C:\Users\samohT\DEC2006_XACT_x86.cab
[2010.06.02 06:22:02 | 000,094,011 | ---- | C] () -- C:\Users\samohT\dxupdate.cab
[2010.06.02 06:22:02 | 000,042,410 | ---- | C] () -- C:\Users\samohT\dxdllreg_x86.cab
[2010.06.02 06:22:00 | 001,571,154 | ---- | C] () -- C:\Users\samohT\DEC2006_d3dx9_32_x64.cab
[2010.06.02 06:22:00 | 001,357,976 | ---- | C] () -- C:\Users\samohT\Dec2005_d3dx9_28_x64.cab
[2010.06.02 06:22:00 | 001,079,456 | ---- | C] () -- C:\Users\samohT\Dec2005_d3dx9_28_x86.cab
[2010.06.02 06:22:00 | 000,273,264 | ---- | C] () -- C:\Users\samohT\Aug2009_XAudio_x64.cab
[2010.06.02 06:22:00 | 000,272,642 | ---- | C] () -- C:\Users\samohT\Aug2009_XAudio_x86.cab
[2010.06.02 06:22:00 | 000,212,807 | ---- | C] () -- C:\Users\samohT\DEC2006_d3dx10_00_x64.cab
[2010.06.02 06:22:00 | 000,191,720 | ---- | C] () -- C:\Users\samohT\DEC2006_d3dx10_00_x86.cab
[2010.06.02 06:22:00 | 000,122,408 | ---- | C] () -- C:\Users\samohT\Aug2009_XACT_x64.cab
[2010.06.02 06:22:00 | 000,093,106 | ---- | C] () -- C:\Users\samohT\Aug2009_XACT_x86.cab
[2010.06.02 06:21:58 | 000,930,116 | ---- | C] () -- C:\Users\samohT\Aug2009_d3dx9_42_x64.cab
[2010.06.02 06:21:58 | 000,728,456 | ---- | C] () -- C:\Users\samohT\Aug2009_d3dx9_42_x86.cab
[2010.06.02 06:21:58 | 000,232,635 | ---- | C] () -- C:\Users\samohT\Aug2009_d3dx10_42_x64.cab
[2010.06.02 06:21:58 | 000,192,131 | ---- | C] () -- C:\Users\samohT\Aug2009_d3dx10_42_x86.cab
[2010.06.02 06:21:58 | 000,136,301 | ---- | C] () -- C:\Users\samohT\Aug2009_d3dx11_42_x64.cab
[2010.06.02 06:21:58 | 000,105,044 | ---- | C] () -- C:\Users\samohT\Aug2009_d3dx11_42_x86.cab
[2010.06.02 06:21:56 | 003,319,740 | ---- | C] () -- C:\Users\samohT\Aug2009_d3dcsx_42_x86.cab
[2010.06.02 06:21:56 | 003,112,111 | ---- | C] () -- C:\Users\samohT\Aug2009_d3dcsx_42_x64.cab
[2010.06.02 06:21:56 | 000,900,598 | ---- | C] () -- C:\Users\samohT\Aug2009_D3DCompiler_42_x86.cab
[2010.06.02 06:21:46 | 000,919,044 | ---- | C] () -- C:\Users\samohT\Aug2009_D3DCompiler_42_x64.cab
[2010.06.02 06:21:46 | 000,271,412 | ---- | C] () -- C:\Users\samohT\Aug2008_XAudio_x64.cab
[2010.06.02 06:21:46 | 000,271,038 | ---- | C] () -- C:\Users\samohT\Aug2008_XAudio_x86.cab
[2010.06.02 06:21:44 | 001,794,084 | ---- | C] () -- C:\Users\samohT\Aug2008_d3dx9_39_x64.cab
[2010.06.02 06:21:44 | 001,464,672 | ---- | C] () -- C:\Users\samohT\Aug2008_d3dx9_39_x86.cab
[2010.06.02 06:21:44 | 000,849,167 | ---- | C] () -- C:\Users\samohT\Aug2008_d3dx10_39_x86.cab
[2010.06.02 06:21:44 | 000,198,096 | ---- | C] () -- C:\Users\samohT\AUG2007_XACT_x64.cab
[2010.06.02 06:21:44 | 000,153,012 | ---- | C] () -- C:\Users\samohT\AUG2007_XACT_x86.cab
[2010.06.02 06:21:44 | 000,121,772 | ---- | C] () -- C:\Users\samohT\Aug2008_XACT_x64.cab
[2010.06.02 06:21:44 | 000,092,996 | ---- | C] () -- C:\Users\samohT\Aug2008_XACT_x86.cab
[2010.06.02 06:21:42 | 001,800,160 | ---- | C] () -- C:\Users\samohT\AUG2007_d3dx9_35_x64.cab
[2010.06.02 06:21:42 | 001,708,152 | ---- | C] () -- C:\Users\samohT\AUG2007_d3dx9_35_x86.cab
[2010.06.02 06:21:42 | 000,867,612 | ---- | C] () -- C:\Users\samohT\Aug2008_d3dx10_39_x64.cab
[2010.06.02 06:21:42 | 000,852,286 | ---- | C] () -- C:\Users\samohT\AUG2007_d3dx10_35_x64.cab
[2010.06.02 06:21:42 | 000,796,867 | ---- | C] () -- C:\Users\samohT\AUG2007_d3dx10_35_x86.cab
[2010.06.02 06:21:40 | 001,350,542 | ---- | C] () -- C:\Users\samohT\Aug2005_d3dx9_27_x64.cab
[2010.06.02 06:21:40 | 001,077,644 | ---- | C] () -- C:\Users\samohT\Aug2005_d3dx9_27_x86.cab
[2010.06.02 06:21:40 | 000,182,903 | ---- | C] () -- C:\Users\samohT\AUG2006_XACT_x64.cab
[2010.06.02 06:21:40 | 000,137,235 | ---- | C] () -- C:\Users\samohT\AUG2006_XACT_x86.cab
[2010.06.02 06:21:40 | 000,087,142 | ---- | C] () -- C:\Users\samohT\AUG2006_xinput_x64.cab
[2010.06.02 06:21:40 | 000,053,302 | ---- | C] () -- C:\Users\samohT\APR2007_xinput_x86.cab
[2010.06.02 06:21:40 | 000,046,058 | ---- | C] () -- C:\Users\samohT\AUG2006_xinput_x86.cab
[2010.06.02 06:21:38 | 001,606,039 | ---- | C] () -- C:\Users\samohT\APR2007_d3dx9_33_x86.cab
[2010.06.02 06:21:38 | 000,195,766 | ---- | C] () -- C:\Users\samohT\APR2007_XACT_x64.cab
[2010.06.02 06:21:38 | 000,151,225 | ---- | C] () -- C:\Users\samohT\APR2007_XACT_x86.cab
[2010.06.02 06:21:38 | 000,096,817 | ---- | C] () -- C:\Users\samohT\APR2007_xinput_x64.cab
[2010.06.02 06:21:36 | 001,607,358 | ---- | C] () -- C:\Users\samohT\APR2007_d3dx9_33_x64.cab
[2010.06.02 06:21:36 | 000,698,612 | ---- | C] () -- C:\Users\samohT\APR2007_d3dx10_33_x64.cab
[2010.06.02 06:21:36 | 000,695,865 | ---- | C] () -- C:\Users\samohT\APR2007_d3dx10_33_x86.cab
[2010.06.02 06:21:34 | 000,046,010 | ---- | C] () -- C:\Users\samohT\Apr2006_xinput_x86.cab
[2010.06.02 06:21:20 | 000,087,101 | ---- | C] () -- C:\Users\samohT\Apr2006_xinput_x64.cab
[2010.06.02 06:21:18 | 004,162,630 | ---- | C] () -- C:\Users\samohT\Apr2006_MDX1_x86_Archive.cab
[2010.06.02 06:21:18 | 000,916,430 | ---- | C] () -- C:\Users\samohT\Apr2006_MDX1_x86.cab
[2010.06.02 06:21:18 | 000,179,133 | ---- | C] () -- C:\Users\samohT\Apr2006_XACT_x64.cab
[2010.06.02 06:21:18 | 000,133,103 | ---- | C] () -- C:\Users\samohT\Apr2006_XACT_x86.cab
[2010.06.02 06:21:16 | 001,397,830 | ---- | C] () -- C:\Users\samohT\Apr2006_d3dx9_30_x64.cab
[2010.06.02 06:21:16 | 001,347,354 | ---- | C] () -- C:\Users\samohT\Apr2005_d3dx9_25_x64.cab
[2010.06.02 06:21:16 | 001,115,221 | ---- | C] () -- C:\Users\samohT\Apr2006_d3dx9_30_x86.cab
[2010.06.02 06:21:16 | 001,078,962 | ---- | C] () -- C:\Users\samohT\Apr2005_d3dx9_25_x86.cab

========== LOP Check ==========

[2012.04.12 14:15:51 | 000,000,000 | ---D | M] -- C:\Users\samohT\AppData\Roaming\ASCON Installer
[2012.05.14 01:10:00 | 000,000,000 | ---D | M] -- C:\Users\samohT\AppData\Roaming\Babylon
[2011.07.23 14:17:04 | 000,000,000 | ---D | M] -- C:\Users\samohT\AppData\Roaming\Baumaschinen Simulator 2011
[2011.08.01 13:09:55 | 000,000,000 | ---D | M] -- C:\Users\samohT\AppData\Roaming\Serif
[2011.07.31 18:54:35 | 000,000,000 | ---D | M] -- C:\Users\samohT\AppData\Roaming\Tobit
[2012.01.12 12:01:48 | 000,000,000 | ---D | M] -- C:\Users\samohT\AppData\Roaming\Windows Live Writer
[2012.05.16 13:17:39 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 25.06.2012 19:58:24 - Run 1
OTL by OldTimer - Version 3.2.53.0     Folder = C:\Users\samohT\Downloads
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 66,06% Memory free
4,00 Gb Paging File | 2,92 Gb Available in Paging File | 72,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 195,21 Gb Total Space | 135,11 Gb Free Space | 69,21% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 201,47 Gb Free Space | 74,50% Space Free | Partition Type: NTFS
Drive E: | 7,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 12,04 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 3,71 Gb Total Space | 1,71 Gb Free Space | 46,13% Space Free | Partition Type: FAT32
 
Computer Name: SAMOHT-PC | User Name: samohT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04AFAB3A-0CC6-4032-A7F8-62C4C8D05CC6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{2524BC7B-E2C1-43E6-A1B1-D8A2FA9D5E4F}" = rport=138 | protocol=17 | dir=out | app=system | 
"{2A47A15F-29F9-40EF-9D1D-7AD73BA0D365}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{2AE60A24-4DD6-4689-8AB3-CC0339693EA4}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{30EFC6F0-7DF0-4ED7-B6BF-95987ED24649}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{3D42174F-756F-4A4E-A348-758E89F3A60E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{9B900D3A-2D47-4EDF-8414-D868DBB9A082}" = rport=445 | protocol=6 | dir=out | app=system | 
"{9CEDBFCB-9050-4C62-9850-666B79C68067}" = rport=139 | protocol=6 | dir=out | app=system | 
"{A5BD9BA6-B299-4DE5-822E-33F46A36E434}" = rport=137 | protocol=17 | dir=out | app=system | 
"{C6C8907B-4165-4CCE-B3EE-7DD1B44B3662}" = lport=137 | protocol=17 | dir=in | app=system | 
"{CADDB456-7735-47E0-B327-112F7458C052}" = lport=445 | protocol=6 | dir=in | app=system | 
"{E02045C0-5FE6-4698-9662-2BB9CB520AB2}" = lport=138 | protocol=17 | dir=in | app=system | 
"{FB8B71E2-B744-484D-82C9-BCF442C2F87F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{FFCE3E29-654A-4BAF-8CA7-110EB4E12C13}" = lport=139 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11170DDD-FD48-48FB-A917-9D8F212F2A49}" = protocol=17 | dir=in | app=c:\program files\agrar simulator 2012\iupdate.dll | 
"{1C2B7D88-049C-40AE-852D-08D09BA08FEA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{229ACC93-B36D-47F8-AF43-9A0B45692B61}" = protocol=6 | dir=in | app=d:\tobit radio.fx\client\rfx-client.exe | 
"{27A2106C-8098-4B21-805D-228284D64836}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{2977B3EB-8ACB-4631-8CCD-25BF1DCD550A}" = protocol=6 | dir=in | app=d:\tobit radio.fx\server\rfx-server.exe | 
"{34169774-9052-402B-9FE5-216971FE4EB4}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{373BEBE6-D6CB-41EE-A008-ABD63811D7AC}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe | 
"{489E3A55-B2DB-49D3-9B28-EFF21683623F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{4ECAEDE4-B167-4909-849E-88705A214FF3}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | 
"{5C442942-989D-4DE1-A9C4-E9EE0ACFB770}" = protocol=17 | dir=in | app=c:\program files\agrar simulator 2012\farm2012.dll | 
"{61CE9899-D8DB-4477-A369-19D57DA3CF2B}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe | 
"{68F06661-E616-418A-8BA4-376A94785605}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe | 
"{706FC791-2121-4666-9AE0-474479F303CD}" = protocol=17 | dir=in | app=d:\tobit radio.fx\client\rfx-client.exe | 
"{7385A839-23E5-4797-B00A-0C99658FC046}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe | 
"{7D2A770A-E017-4F1F-8069-CE2D336BD5F5}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe | 
"{8900E34D-D34B-4036-A074-F7158F705009}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe | 
"{8BE07F28-CB35-4B1F-BC6D-47DEAF27A23A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{9E0506D5-D059-48E9-A4D6-07FD6C81A094}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{9F3D9B92-7635-4A9F-AEC7-72A950F1BBCE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{A17938C1-8EF3-496A-AF0A-4947450FA45F}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe | 
"{A6FA157B-EB12-4C10-A030-5A1DC6E5A640}" = protocol=6 | dir=in | app=c:\program files\agrar simulator 2012\iupdate.dll | 
"{B2576410-F08D-49FE-B6F6-DDED860E1134}" = protocol=17 | dir=in | app=d:\tobit radio.fx\server\rfx-server.exe | 
"{B382355E-B431-4232-BCCF-DD50EBA4B5DC}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe | 
"{BAA583B2-421A-4C33-9B05-8B36CDC1A722}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe | 
"{BEB74624-978A-40A5-911E-BC72F05E92FB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{D4D383B6-7ADD-4984-8C28-8171B7D917F4}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe | 
"{DA10FCCA-1101-498D-9826-C91C72B603C3}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{DD30E845-6EC6-4793-B413-7DC6082B853B}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{E5A9B248-B6F9-4030-B130-6D4121266039}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{E685D158-7C6C-4263-990B-E1EABF60E4D2}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{F1A4FB9C-F7FA-4A3D-A3B4-2F5715229D7E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{F71C6C93-C586-4216-8379-B5534DCCB645}" = protocol=6 | dir=in | app=c:\program files\agrar simulator 2012\farm2012.dll | 
"{FE3E8C9B-C79B-402A-B173-0913A10DB615}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"TCP Query User{F7EE7721-CC85-4AED-9627-DD2D1966C0E0}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe | 
"UDP Query User{09333676-BD6B-4D81-A513-7A7417D111EE}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.5
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5482DCBE-D2D1-47B0-A621-DF8E2B0D174C}" = Windows Live Family Safety
"{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7625AFA5-81FF-4FCD-B30F-4F8706202C8F}_is1" = Farm Racern 1.0
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{BFD8647E-5F88-4440-B902-F500B36487B9}" = YouTube Downloader Toolbar v5.9
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA1DF66C-5EFA-4F8A-9256-0C7D2D74C640}" = Wohnwagen Park Tycoon  So lebt totaler Trash
"{FAFC9FF9-56BE-414D-B637-537E7D06E7B9}" = Serif PhotoPlus 11
"18 Wheels of Steel: American Long Haul" = 18 Wheels of Steel: American Long Haul 
"18 WoS Extreme Trucker" = 18 WoS Extreme Trucker 1.01
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agrar Simulator 2012" = Agrar Simulator 2012
"avast" = avast! Free Antivirus
"Babylon" = Babylon
"Eisenbahn Simulator_is1" = Eisenbahn Simulator
"Euro Truck Simulator" = Euro Truck Simulator 1.1
"FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011
"FormatFactory" = FormatFactory 2.70
"German Truck Simulator" = German Truck Simulator 1.00
"giants_editor_4.1.2_is1" = GIANTS Editor 4.1.2
"InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"Jagd-Action 3D" = Jagd-Action 3D 1.52D
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Tobit Radio.fx Server" = Radio.fx
"UMTS USB Modem Manager" = UMTS USB Modem Manager
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 19.02.2012 14:16:19 | Computer Name = samohT-PC | Source = Windows Backup | ID = 4104
Description = 
 
Error - 27.02.2012 13:55:49 | Computer Name = samohT-PC | Source = Windows Backup | ID = 4104
Description = 
 
Error - 04.03.2012 07:04:49 | Computer Name = samohT-PC | Source = VSS | ID = 8194
Description = 
 
Error - 04.03.2012 07:14:25 | Computer Name = samohT-PC | Source = Application Hang | ID = 1002
Description = Programm City-Courier.exe, Version 0.0.0.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: f78    Startzeit: 
01ccf9f7c1c6aa8f    Endzeit: 20    Anwendungspfad: C:\Program Files\Der Paketdienst\City-Courier.exe

Berichts-ID:
   
 
Error - 04.03.2012 07:35:10 | Computer Name = samohT-PC | Source = Application Hang | ID = 1002
Description = Programm Setup.exe, Version 0.0.0.0 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 810    Startzeit: 
01ccf9f7fb87e7bd    Endzeit: 0    Anwendungspfad: E:\Spiele_DVD\Vollversionen\Flugsimulator\Setup.exe

Berichts-ID:
 9b17bf7e-65ec-11e1-9b34-001fd097b8d5  
 
Error - 04.03.2012 14:15:01 | Computer Name = samohT-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: City-Courier.exe, Version: 0.0.0.0,
 Zeitstempel: 0x45ffca1d  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000094  Fehleroffset: 0x3dfcb7a9  ID des fehlerhaften
 Prozesses: 0xf8c  Startzeit der fehlerhaften Anwendung: 0x01ccfa2e450b9c9b  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Der Paketdienst\City-Courier.exe  Pfad des
 fehlerhaften Moduls: unknown  Berichtskennung: f4d1242a-6625-11e1-a814-001fd097b8d5
 
Error - 07.03.2012 15:39:02 | Computer Name = samohT-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: javaw.exe, Version: 6.0.290.11, Zeitstempel:
 0x4e897ca0  Name des fehlerhaften Moduls: java.dll, Version: 6.0.290.11, Zeitstempel:
 0x4e89b321  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00004e0a  ID des fehlerhaften Prozesses:
 0x96c  Startzeit der fehlerhaften Anwendung: 0x01ccfc99f218f7de  Pfad der fehlerhaften
 Anwendung: C:\Program Files\Java\jre6\bin\javaw.exe  Pfad des fehlerhaften Moduls:
 C:\Program Files\Java\jre6\bin\java.dll  Berichtskennung: 30bb67b1-688d-11e1-adee-001fd097b8d5
 
Error - 10.03.2012 11:04:13 | Computer Name = samohT-PC | Source = VSS | ID = 8194
Description = 
 
Error - 11.03.2012 14:24:19 | Computer Name = samohT-PC | Source = Windows Backup | ID = 4104
Description = 
 
Error - 18.03.2012 16:28:52 | Computer Name = samohT-PC | Source = Windows Backup | ID = 4104
Description = 
 
[ System Events ]
Error - 03.04.2012 15:12:19 | Computer Name = samohT-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 03.04.2012 15:13:26 | Computer Name = samohT-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 03.04.2012 15:21:08 | Computer Name = samohT-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 03.04.2012 15:24:45 | Computer Name = samohT-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 04.04.2012 04:00:02 | Computer Name = samohT-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 04.04.2012 04:00:02 | Computer Name = samohT-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 04.04.2012 14:39:29 | Computer Name = samohT-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 04.04.2012 14:39:29 | Computer Name = samohT-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 05.04.2012 09:35:04 | Computer Name = samohT-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 05.04.2012 09:35:04 | Computer Name = samohT-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
 
< End of report >
--- --- ---

--- --- ---
__________________
Alt 25.06.2012, 19:08   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
eigenartike e-mail von meine konto verschickt - Standard

eigenartike e-mail von meine konto verschickt


Was schmeißt du jetzt hier ein OTL-Log rein
Zusammenhang mit meiner Antwort gleich Null!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 26.06.2012, 10:27   #5
caro21
 
eigenartike e-mail von meine konto verschickt - Standard

eigenartike e-mail von meine konto verschickt


ja sorry ich wollt eigendlich noch was dazu schreiben.
wollt eigendlich mal gleich so wie es in der anleitung steht das machen und posten, und gleich mal drüber schauen lassen, weil ich noch andere probleme habe.
aber mit GMER hatte es gestern abend nich mehr hingehauen


Alt 26.06.2012, 12:51   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
eigenartike e-mail von meine konto verschickt - Standard

eigenartike e-mail von meine konto verschickt


Schön!
Hat mit dem Thema in meiner Antwort aber immer noch nichts zu tun
__________________
--> eigenartike e-mail von meine konto verschickt

Alt 26.06.2012, 19:14   #7
caro21
 
eigenartike e-mail von meine konto verschickt - Standard

eigenartike e-mail von meine konto verschickt


ja. wo kann ich denn dann das posten.

deine antwort auf meine fragen, ja war vielleicht hilfreich wenn es dann nicht mehr passiert. dann sollte ich wohl auch besser nich mehr mein passwort speichern.

Alt 26.06.2012, 19:15   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
eigenartike e-mail von meine konto verschickt - Standard

eigenartike e-mail von meine konto verschickt


Poste auch alle Logs von Malwarebytes die da schon vorhanden sind
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu eigenartike e-mail von meine konto verschickt
another, brauche, dringend, e-mail, e-mails, empfänger, englische, englischen, erhalte, erhalten, helft, konto, link, little, other, schnell, verschickt, verzögerung


« Automatische Spam-Mails an alle meine Kontakte (live.de) | Neuling brauch hilfe bei Trojaner...Windows Sicherheits Center Update »


Ähnliche Themen: eigenartike e-mail von meine konto verschickt


  1. Mail delivery failed-Email wird an meine gespeicherten Emailadressen verschickt
    Plagegeister aller Art und deren Bekämpfung - 17.06.2015 (15)
  2. Yahoo-Mail Account verschickt Spam, hinterlässt keine Spuren im Verschickt-Ordner Win8
    Plagegeister aller Art und deren Bekämpfung - 16.07.2014 (11)
  3. Yahoo-Mail verschickt Mails an meine Kontakte, aber alle Security Scans behaupten der Rechner sei sicher
    Plagegeister aller Art und deren Bekämpfung - 12.06.2014 (1)
  4. Mail-Konto verschickt Spam, Malware gefunden
    Log-Analyse und Auswertung - 23.04.2014 (10)
  5. E-Mails mit Links von AOL Konto verschickt
    Plagegeister aller Art und deren Bekämpfung - 22.04.2014 (18)
  6. Mail Delivery System Mails... Mail-Konto gehackt?
    Plagegeister aller Art und deren Bekämpfung - 06.03.2014 (7)
  7. Über meine Mail-Adresse wurden massiv Spammails verschickt - Malware unwahrscheinlich - was tun?
    Plagegeister aller Art und deren Bekämpfung - 13.02.2014 (5)
  8. E-Mail Konto bei Telekom verschickt in meinem Namen Spam Nachrichten.
    Plagegeister aller Art und deren Bekämpfung - 19.12.2013 (11)
  9. Gmx Konto Mail Flut MAILER-DAEMON@mail.gmx.com
    Log-Analyse und Auswertung - 19.03.2013 (2)
  10. E-Mail Account bei gmx.de verschickt Mails an alle meine Kontakte
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (3)
  11. Meine Gmx-Mail Adresser verschickt Spam-Mails
    Plagegeister aller Art und deren Bekämpfung - 05.06.2012 (1)
  12. Windows Live Mail verschickt an irgendwelche Adressen haufenweise Spam über meine Mail-Addy
    Plagegeister aller Art und deren Bekämpfung - 28.12.2011 (18)
  13. Spambot verschickt meine über meine Emailadresse
    Log-Analyse und Auswertung - 23.12.2011 (1)
  14. Google Mail Konto: Spam-Email an alle meine Kontakte versendet
    Überwachung, Datenschutz und Spam - 22.11.2011 (1)
  15. "Jemand" hat E-Mail mit meinem Absender an meine Kontakte verschickt
    Log-Analyse und Auswertung - 03.11.2011 (8)
  16. Google Mail Konto: Spam-Email an alle meine Kontakte versendet
    Überwachung, Datenschutz und Spam - 25.04.2011 (0)
  17. MSN e-mail konto verschickt eigenständig spam mails an kontakte.. WORM/kido.XI gefunden
    Plagegeister aller Art und deren Bekämpfung - 18.06.2010 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema eigenartike e-mail von meine konto verschickt - Hallo mal wieder. ich brauche sehr schnell dringend hilfe. von meine e-mail konto werden e-mails mit englischen text und eigenartiken link, an mehrere empfänger verschickt die bei mir gescheichert sind. - eigenartike e-mail von meine konto verschickt...
Archiv
Du betrachtest: eigenartike e-mail von meine konto verschickt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58